Nevis Access App
Getting Started
- The release notes keeps you up to date on the latest Access App changes and new features.
- The ordering guide helps you when ordering your first Access App.
- The user support provides information on how you can support your users.
- The Appendix section contains useful information, such as publication preparation for Android and iOS.
Feature Overview
The Nevis Access App is a standardized Access App. It is possible to create customer-branded instances of the Nevis Access App. The Nevis Access App offers the following functionality:
- Available for iOS and Android (supported version: iOS 12+ and Android 7+)
- Based on the FIDO UAF 1.1 standard
- Authentication via PIN, fingerprint or biometric authentication (depending on device capabilities, includes fingerprint, face, and iris recognition) on Android devices
- Authentication via PIN, fingerprint or faceID on iOS devices
- Deregistration of the Access App from within the app
- Generic transaction confirmation
- Customer-branding (logo, colors, fonts)
- Forced Access App Update
- Different message transmission Channels such as push, link or QR code
- Number matching support to prevent push-fatigue attacks.
- Customisable translations for all app messages
- Right to left language support
- Configurable links to in-app rendered HTTP pages including multi-language support for
- the privacy policy page (app store requirement)
- app help page (optional)
- account registration page (optional)
Nevis provides regular releases of the Access Apps to customers and partners, implements improvements, ensures that bugs are fixed and new OS versions are supported.
Hardware Requirements
Because of the high-security nature of the Nevis Access App, it requires the presence of a TEE/SE1. For Apple devices, this is ensured by the iOS12+ limitation. Also, most currently available Android devices contain a TEE/SE, except some (usually low-budget) models.
The Apple iPod Touch lacks a TEE/SE, therefore it is not supported.
Access App Flavors
The Access App is delivered in two flavors:
Integration
Use the Integration flavor of the Access App in the context of testing and development. This flavor can be run on emulators. It also provides increased logging (showing the network requests and responses for example).
Production:
Deliver the Production flavor of the Access App to end users.
Publication
For a description of the steps that are required to sign the app per platform, refer to Prepare Android publication or Prepare iOS Publication.
- TEE: Trusted Execution Environment refers to cryptographic hardware for secure storage and execution of cryptographic related operations. As opposed to a TPM (Trusted Platform Module) a TEE is not physically isolated from the main chipset. SE: Secure Enclave - a tamper-proof secure storage.↩